Additional permissions are showing on the assign feature permission system role level and cannot be removed.

Users have found that additional permissions are showing on the "Permissions" tab in System Security Roles. These Permissions appear to be permanently stamped onto the System Role and can not be removed.

Article
Number:113761

Products:

Blackbaud_CRM

This was addressed via one-off, data-specific script.

If these "ghost" permissions appear on your System Role, you can prevent access to these roles by locating the feature permission and setting it to DENY under assigned feature permissions.

Steps to Duplicate

1) Navigate to the Application User2) Note that the App Users system roles have additional permissions assigned under the Permissions tab. 3) Click the System Role 4) Click the Permissions tab5) Notice that additional permissions exit on this system role. 6) Click Edit Assign Permissions7) Notice none of the Assign permisions are granted. 8) Click the Features Tab > Edit Assign Feature Permissions 9) Navigate to the Security Folder: Constituents > Edit Forms 10) Note that the Constituent Lookup ID edit form is not granted. (this is an example permission)11) Close the Edit form. 14) Search for any constituent. 15) Notice that you are still able to edit the Lookup ID

Environment

Affected ProductBlackbaud CRM

Affected Version4.0

Product and Version Notes4.0.173.53

Was this article helpful?

Thanks for your feedback! Did this solve your issue?

Comments (optional):

Thanks for your feedback!

We're glad it was helpful but sorry it didn’t solve your issue. If you need assistance, click Chat with Support below.

We’re sorry to hear that. Please tell us why.

I don't like how this works.

The answer is confusing.

The answer didn't match what I was searching for.

Additional Comments (optional):

Thanks for your feedback! If you need assistance, click Chat with Support below.